Use controllerutil.SetControllerReference for Certificates

simu · simu · commit 6a91a2de2d85 · 2022-10-12T16:48:30.000+02:00
diff --git a/certs/create.go b/certs/create.go
@@ -11,15 +11,17 @@ import (
 	"github.com/go-logr/logr"
 
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
 )
 
 // CreateCertificate creates a Certificate resource for an appropriately
 // labeled service
-func CreateCertificate(ctx context.Context, l logr.Logger, c client.Client, svc corev1.Service, secretName string) error {
+func CreateCertificate(ctx context.Context, l logr.Logger, c client.Client, svc corev1.Service, secretName string, scheme *runtime.Scheme) error {
 	certName := CertificateName(svc.Name)
 
 	cert := cmapi.Certificate{}
@@ -30,7 +32,7 @@ func CreateCertificate(ctx context.Context, l logr.Logger, c client.Client, svc
 	if err != nil {
 		if errors.IsNotFound(err) {
 			l.V(1).Info("Certificate resource doesn't exist, creating")
-			return newCertificate(ctx, c, certName, secretName, svc)
+			return newCertificate(ctx, c, certName, secretName, svc, scheme)
 		}
 
 		l.V(1).Info("Error looking up certificate resource", "error", err)
@@ -39,7 +41,7 @@ func CreateCertificate(ctx context.Context, l logr.Logger, c client.Client, svc
 	}
 
 	origCert := cert.DeepCopy()
-	err = updateCertificate(&cert, svc)
+	err = updateCertificate(&cert, svc, scheme)
 	if err != nil {
 		return err
 	}
@@ -50,7 +52,7 @@ func CreateCertificate(ctx context.Context, l logr.Logger, c client.Client, svc
 	return nil
 }
 
-func newCertificate(ctx context.Context, c client.Client, certName, secretName string, svc corev1.Service) error {
+func newCertificate(ctx context.Context, c client.Client, certName, secretName string, svc corev1.Service, scheme *runtime.Scheme) error {
 	cert := &cmapi.Certificate{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      certName,
@@ -67,14 +69,14 @@ func newCertificate(ctx context.Context, c client.Client, certName, secretName s
 		},
 	}
 
-	if err := updateCertificate(cert, svc); err != nil {
+	if err := updateCertificate(cert, svc, scheme); err != nil {
 		return err
 	}
 
 	return c.Create(ctx, cert)
 }
 
-func updateCertificate(cert *cmapi.Certificate, svc corev1.Service) error {
+func updateCertificate(cert *cmapi.Certificate, svc corev1.Service, scheme *runtime.Scheme) error {
 	svcName := fmt.Sprintf("%s.%s", svc.Name, svc.Namespace)
 	svcDNSNames := []string{
 		svc.Name,
@@ -103,9 +105,7 @@ func updateCertificate(cert *cmapi.Certificate, svc corev1.Service) error {
 	}
 
 	// Set ownerreference on certificate to service
-	cert.OwnerReferences = []metav1.OwnerReference{
-		*metav1.NewControllerRef(&svc, corev1.SchemeGroupVersion.WithKind("Service")),
-	}
+	controllerutil.SetControllerReference(&svc, cert, scheme)
 
 	return nil
 }
diff --git a/certs/create_test.go b/certs/create_test.go
@@ -19,6 +19,8 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
+var scheme = createScheme()
+
 func TestCerts_CreateCertificate(t *testing.T) {
 	ctx := context.Background()
 	l := testr.New(t)
@@ -57,7 +59,7 @@ func TestCerts_CreateCertificate(t *testing.T) {
 		c := prepareTest(t, testCfg{
 			initObjs: tc.objects,
 		})
-		err := CreateCertificate(ctx, l, c, tc.svc, tc.secretName)
+		err := CreateCertificate(ctx, l, c, tc.svc, tc.secretName, scheme)
 		assert.Equal(t, tc.err, err)
 		if err == nil {
 			verifyCertificate(t, ctx, c, fmt.Sprintf("%s-tls", tc.svc.Name), tc.secretName, &tc.svc)
@@ -83,7 +85,7 @@ func TestCerts_newCertificate(t *testing.T) {
 	}
 
 	for _, tc := range tests {
-		err := newCertificate(ctx, c, tc.certName, tc.secretName, tc.svc)
+		err := newCertificate(ctx, c, tc.certName, tc.secretName, tc.svc, scheme)
 		assert.Equal(t, tc.err, err)
 		if err == nil {
 			verifyCertificate(t, ctx, c, tc.certName, tc.secretName, &tc.svc)
@@ -95,7 +97,7 @@ func TestCerts_updateCertificate(t *testing.T) {
 	cert := cmapi.Certificate{}
 	cert.Name = "test-cert"
 	svc := prepareService("test-svc", "test-ns")
-	err := updateCertificate(&cert, svc)
+	err := updateCertificate(&cert, svc, scheme)
 
 	assert.ErrorIs(t, err, nil)
 	assert.Equal(t, dnsNames(&svc), cert.Spec.DNSNames)
@@ -221,3 +223,11 @@ func prepareTest(t *testing.T, cfg testCfg) client.Client {
 
 	return client
 }
+
+func createScheme() *runtime.Scheme {
+	scheme := runtime.NewScheme()
+	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
+	utilruntime.Must(cmapi.AddToScheme(scheme))
+	utilruntime.Must(extv1.AddToScheme(scheme))
+	return scheme
+}
diff --git a/controllers/service_controller.go b/controllers/service_controller.go
@@ -96,7 +96,7 @@ func (r *ServiceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 
 	l.V(1).Info("Reconciling certificate for service")
 
-	err = certs.CreateCertificate(ctx, l, r.Client, svc, secretName)
+	err = certs.CreateCertificate(ctx, l, r.Client, svc, secretName, r.Scheme)
 	if err != nil {
 		return ctrl.Result{}, err
 	}

Original file line number	Diff line number	Diff line change
`@@ -96,7 +96,7 @@ func (r *ServiceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct`
`96`	`96`
`97`	`97`	`l.V(1).Info("Reconciling certificate for service")`
`98`	`98`
`99`		`- err = certs.CreateCertificate(ctx, l, r.Client, svc, secretName)`
	`99`	`+ err = certs.CreateCertificate(ctx, l, r.Client, svc, secretName, r.Scheme)`
`100`	`100`	`if err != nil {`
`101`	`101`	`return ctrl.Result{}, err`
`102`	`102`	`}`